Do not present #infosec with any #2012predictions. Many in the community hate #spoilers.
Hactivism
Defination: A Collective without any known leadership, with its utopian set of ethos, trying to bring in sense in this chaotic world.
Anonymous, as a collective is mostly active in US and European Countries, but in 2012 we would see them making active inroads into Asian Countries especially India.
Why India?
1: Recently, Indians have been agitating against corruption, corrupt officials but nothing really has materialized on the online front.
2: Though India has Cyber Laws but when it comes to out-of-india attacks nothing much is expected.
3: A few months ago, Indian hackers had tried to go the anonymous way but lost their way and ended up getting doxed by the Anonymous.
DOX: Personal information about people on the Internet, often including real name, known aliases, address, phone number, SSN, credit card number, etc.
I wouldn’t be surprised IF Anonymous collective has already started contacting and recruiting Indian hackers, for their #indiaops.
Money Mules and Credit Card related Frauds
India will see a sharp rise in both Money Mules related activity and Credit Card Related crimes.
In India, the list of petty criminals is huge, due to which, the activity of money-mules will be out-sourced to India and that too in a big way. I think the year 2012 would build the foundation for India’s future IT related crimes.
Would these type of cases be detected ?
I have my own reservations over this, cause of lots of factors but banks do have the option of keeping a tab on Foreign ATM withdrawals / purchases from local business located in a different country.
In the past, we have seen non-compliance of PCI-DSS by some of the top-most organizations, whether it was Sony or Stratfor or Heartland, hence it is imperative that all organizations should take the year 2012 very seriously when it comes to PCI-DSS non-compliance, and shouldn’t take web-security / data security for granted.
I have observed a lot of Shopping Malls, which store entire Credit-Card and Debit Card Data on their personal servers and their employees are encouraged to swipe the Card into their own POS alongwith the one provided by the Banks, its only a matter of time until someone hacks into these and finds a treasure trove of information. Whether the information stored by Indian Shopping Malls, is using the PCI-DSS norms or not, only time will tell.
The security of Indian Organizations will be severely tested or has it already been tested and no one knows about it?
Phishing and Malware
Phishing will never cease to exist. As long as email servers and domains are non-compliant to atleast one industry standard i.e. DKIM or SPF with strict enforcement , phishing is not going to stop.
Phishing mails with malware attachments or malware laced urls or plain data stealing web-site clones can always be expected.
AV Industry will have to rethink their strategy when it comes to content scanning and detection of phishing / malware sites. Why? The answer is simple, who will clean up the ever increasing database of urls?
2012 the year itself 21/12/2012
According to Mayan calender there is no 2013 and this will lead to lots of phishing mails, or scams, especially in the month of November/December first half.
Key Collision / Digital Certificate
State sponsored snoops either on their own citizens or on foreign entity will take a new shape, either ways, its going to gain prominence.
What has a State got to do with Key Collision/Digital Certificate? these symbolize ‘Trust’. The trust which we users have on the services which we avail from the service providers. The trust a government official will have on the exe / pdf / email, he has received from his boss/department head.
A rogue Government having access to a CA either legally or otherwise – the eventualities are limitless.
Smart Phones and Tablets
India has seen a jump in sales of Smart Phones and the cheaply available android based Tablets for less than 3000 INR i.e. approx 56 USD. Hence, the market of mobile malware is now evenly balanced with the conventional version.
When a particular piece of technology/hardware is available so cheaply, it garners extreme interest in all the circles and in turn grabs a huge market share. Tablets, provide computing power as well as mobility and adds a new segment of IT users but nothing much can be said about their security awareness.
Premium rate SMS/Call hacks, Premium Image downloads will occur alongwith this data-harvesting and tracking apps will increase. Not only Indians but the rest of the smart phone / tablet users will be at risk .
Long URLs have already proved to be excellent USP for phishing syndicates, QR codes for long urls wont be much far behind. After all, the display screen size and font size does matter.
One fact I would love to mention is that QR codes often dont accompany the visually displayed links which they are supposed to represent. This is one big flaw and can / will be exploited.
Botnets and Anonymous proxies
Botnets have always been a pain to Organizations and Security researchers worldwide. Botnets are being used for various tasks, from launching DDOS attacks to Spamming, but very recently, it has been observered that a botnet was being used to provide paid Anonymous browsing Proxy services.
In the year 2012, India will be the largest host for such services.
Unauthorised access coupled with data pilferage is generally termed as a Hack and generally organizations treat these cases quite seriously, but when unauthorized processes are not leaking out organizations data but are utilizing their resources then ? Well these are termed as a virus / malware / trojan or simply a failure of the organization to deploy a proper AV solution.
It doesnt matter if there is a hack or a infection, every unauthorised resource access is to be dealt and handled. Bandwidth availability on the other hand is increasing exponentially while the cost to avail the bandwidth is decreasing.
Normally, everyone concentrates on Corporations but what about SMBs and home users and their security awareness?
Based on this perception, we believe that India will be the largest hub of Botnet and Anonymous Proxy services by the end of 2012.
We have recently seen IP addresses of SMBs and Home users with broadband being used by Paid Anonymous Proxy Services.
Which also raises a question about the ISPs and their own detection mechanism for such activity.
Last but not the least …
Stuxnet and Duku
StuxNet and Duku required access to the internal networks but with freely available service like ShodanHQ being made available and the latest telnet exploit making rounds in the Security Circles, I wouldn’t be surprised to find an automated attack on embedded devices which are exposed on Internet being taken over by rogue entities.
Rogue entities / states having their own database of vulnerable IPs, similar to ShodanHQ is just waiting to be exposed.
If this exposure ever takes place its going raise a lot of questions especially related to espionage.
Some of the spoilers mentioned maybe combined with different permutations and combinations and maybe used to wage a covert cyberwar. Though Cyberwar is not a new term but is all set to become a reality.
eScan wishes you a Safe and Secure 2012 and as usual We shall be striving to come out with newer algorithms and ideologies .
1 Comments
Pingback: Exceptional Botnets and Exploit Kits | Welcome to the eScan Blog